Latest in Gear

Image credit: Jeff Wasserman / Alamy

Russian hackers can reportedly take over unsecured hotel WiFi

The malicious exploit may use leaked NSA tool, EternalBlue.
711 Shares
Share
Tweet
Share

Sponsored Links

Jeff Wasserman / Alamy

Security-conscious travelers typically avoid public WiFi hotspots, instead using VPNs and other tools to make sure their data is safely encrypted as it transmits from computer to unsecured wireless router to the internet. According to networking security website, FireEye, that concern is justified. The security team discovered a malicious document in several emails sent to "multiple companies in the hospitality industry, including hotels in at least seven European countries and one Middle Eastern country in early July." The document contained a macro that installs GAMEFISH malware, which is associated with a politically-motivated Russian hacking group known as APT28 (or Fancy Bear). This is allegedly the same group that hacked the Democratic National Committee ahead of last year's US election. Even worse, the tool used after the initial malware installation, EternalBlue, reportedly leaked from the NSA itself.

According to FireEye, the EternalBlue exploit could let hackers access anyone's computer connected to the hotel WiFi and silently gather usernames and passwords without victims even having to type them in. "It's definitely a new technique" for this Russion hacker group, FireEye's Ben Read told Wired. "It's a much more passive way to collect on people. You can just sit there and intercept stuff from the WiFi traffic."

The security group warns travelers to be aware of the threat when visiting hotels in other countries (though unsecured WiFi isn't restricted to foreign hotels), and to take steps to secure their systems. "Publicly accessible WiFi networks present a significant threat and should be avoided whenever possible," wrote Ben Read and Lindsay Smith in a blog post.

Via: Wired
Source: FireEye
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
711 Shares
Share
Tweet
Share

Popular on Engadget

T-Mobile, Sprint merger could close by April 1st

T-Mobile, Sprint merger could close by April 1st

View
Windows 10 icons are getting an overdue redesign

Windows 10 icons are getting an overdue redesign

View
Hasbro's flurry of 'The Mandalorian' toys includes an animatronic Baby Yoda

Hasbro's flurry of 'The Mandalorian' toys includes an animatronic Baby Yoda

View
'Westworld' season 3 trailer sets the stage for an AI battle

'Westworld' season 3 trailer sets the stage for an AI battle

View
HBO and HBO Max are coming to YouTube TV

HBO and HBO Max are coming to YouTube TV

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr